On-site security devices. Google`s data centers have an electronic card key and a biometric access control system connected to a system alarm. The access control system monitors and records the key to each person`s electronic card and, when accessing perimeter gates, shipping and receiving, as well as other critical areas. Unauthorized activities and failed access attempts are recorded by the access control system and, if necessary, analyzed. Access allowed in all business processes and data centers is limited depending on the areas and the responsibility of individuals. Fire doors in computational centres are alerted. CcTV cameras work both inside and outside data centers. Camera positioning has been designed to cover strategic areas such as circumference, data center doors and shipping/reception. On-site security personnel manage surveillance, recording and control equipment for surveillance, recording and control equipment. Secure cables in computational centers connect CCTV devices. The cameras are taken on the spot by digital VCR 24 hours a day, 7 days a week. Monitoring records are kept for up to 30 days, depending on activity.
5.1.3 Skills under non-European law. If the processing of the Customer`s personal data by one of the parties is subject to a non-European data protection law, the party concerned will comply with all obligations under this Act regarding the handling of this personal data of the Customer. The RGPD stipulates that a data processing agreement must be made in writing, which is contained in electronic form (Article 28, paragraph 9). The Dpa confirmed, in view of German contract law, that a qualified electronic signature is not required to meet this requirement through the data processing contract. Proof of the conclusion of the data processing agreement can also be provided through a process of manual signature, digitization and obtaining an agreement signed in exchange. This means that the data processing contract can be signed by hand, scanned and emailed to the other party, handwritten and signed by the other party, scanned again and emailed to the first part, provided that the corresponding email is also documented and retained. However, German-based officials and processors must submit documents in German when the documents are requested by the data protection authority. This is part of an official administrative procedure to demonstrate compliance with the RGPD (Article 9 and 23 al. 1, 2) of the Bayerische Verwaltungsverfahrensgesetz).